[Date Prev][Date Next]
Re: LDAP and AD?
Le Ngoc Thach wrote:
Hi Jacques Landru,
I have a dream to have all passwords and users in LdapServer.
I think you and I had the same dream, how about that? :)
At any rate there are a number of ways to do synchronization already. I
am working one more way to do this at http://acctsync.sourceforge.net/ .
I am taking the approach that iPlanet did with they NT directory sync
product. It comprises of a NT/2000 password filter that catches user
password changes and updates the directory, and ldap server plugins that
update NT/2000 when a user is added or a password gets changed.
Although still in Alpha, I have wrote a generic password filter that
calls a external script on user password changes. My goal is to use
this dll along with a 'passwd.pl' perl script to send this changes to
the OpenLDAP server. Someone else has wrote a password filter that does
a direct ldap modify on the user's password attribute in the OpenLDAP
server. The latter is more efficient, but I believe less flexible.
Either way there's a choice.
I have made modifications to the perl backend to have it compile
windows. The patch is against CVS and is available from
I have tested the patch with activestate perl although, I believe
another perl 5.6 distribution would work with minimal effort. I don't
know when/if the patch will be incorporated into OpenLDAP CVS.
The final piece of the puzzle is the perl scripts to do the work. I am
planning to write these sometime this weekend. I'll also include
pre-built binaries if I get the chance as well. If you are interested
keep an eye on http://acctsync.sourceforge.net/ .
http://linuxquestions.org/ - Ask linux questions, give linux help.
http://splint.org/ - Write safe C code. splint source-code analyzer.